This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/1264f8-9c7d-40cd-9729-7089bc598d83/1/PchZpgQI1cqOkfrSxeBDQtCE6Og.roa File: PchZpgQI1cqOkfrSxeBDQtCE6Og.roa (raw, json) Hash identifier: dQcycKyCIYtsPpLQXquvjdEaWu6oSUN5IQlEGuJOqr8= Subject key identifier: 3D:C8:59:A6:04:08:D5:CA:8E:91:FA:D2:C5:E0:43:42:D0:84:E8:E8 Certificate issuer: /CN=4687dac0837ed31137a32496a6c93e9431c60784 Certificate serial: 019B7A5AD8AB6795AEDB478E093408B063E6 Authority key identifier: 46:87:DA:C0:83:7E:D3:11:37:A3:24:96:A6:C9:3E:94:31:C6:07:84 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RofawIN-0xE3oySWpsk-lDHGB4Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/1264f8-9c7d-40cd-9729-7089bc598d83/1/PchZpgQI1cqOkfrSxeBDQtCE6Og.roa Signing time: Thu 01 Jan 2026 16:18:52 +0000 ROA not before: Thu 01 Jan 2026 16:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 212.19.235.0/24 maxlen: 24 212.19.236.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/1264f8-9c7d-40cd-9729-7089bc598d83/1/RofawIN-0xE3oySWpsk-lDHGB4Q.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/1264f8-9c7d-40cd-9729-7089bc598d83/1/RofawIN-0xE3oySWpsk-lDHGB4Q.mft rsync://rpki.ripe.net/repository/DEFAULT/RofawIN-0xE3oySWpsk-lDHGB4Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 01:00:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:d8:ab:67:95:ae:db:47:8e:09:34:08:b0:63:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4687dac0837ed31137a32496a6c93e9431c60784 Validity Not Before: Jan 1 16:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3dc859a60408d5ca8e91fad2c5e04342d084e8e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:89:b9:7a:5f:4f:3b:bb:1c:7f:7f:c7:af:fb: ad:68:bf:c7:9f:2c:f9:8a:d9:ee:2f:b9:3e:30:a5: 59:8c:91:fb:b0:7c:df:33:55:6d:29:3c:d9:0c:9a: fe:68:ec:8c:17:a2:dc:45:18:88:3c:85:e0:eb:1f: 12:83:81:4d:a5:c9:d3:ae:2f:db:16:1d:6c:c7:c5: 28:6d:7e:77:64:52:31:19:db:92:63:df:ea:f1:20: d7:20:36:0d:be:0b:54:e7:16:46:52:b1:f1:17:e8: fc:9f:d3:ba:e5:b9:76:3b:b0:6d:32:c6:71:6c:95: f2:1e:56:03:99:97:c3:14:e1:60:ab:c7:5b:ed:b3: 18:8e:a0:df:6d:dc:23:21:72:8d:05:01:5e:71:c8: b0:0d:98:a3:4d:0b:54:bd:35:9f:43:f6:bc:ce:91: 00:3c:19:b4:58:7d:d0:a1:48:af:3f:a2:6d:8d:5f: ce:ab:46:ba:16:68:bb:19:69:0b:f6:6f:60:54:68: 63:db:c5:22:51:2c:42:5a:d0:0a:14:b7:85:ba:ae: 89:12:d5:55:5b:24:49:61:a2:6d:56:f7:a0:fc:e7: ac:0e:54:1b:b9:e1:02:64:eb:1b:ce:3c:65:bc:32: 97:eb:69:f8:e1:d3:6b:ec:7b:3e:05:a4:cb:d6:39: a2:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:C8:59:A6:04:08:D5:CA:8E:91:FA:D2:C5:E0:43:42:D0:84:E8:E8 X509v3 Authority Key Identifier: keyid:46:87:DA:C0:83:7E:D3:11:37:A3:24:96:A6:C9:3E:94:31:C6:07:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RofawIN-0xE3oySWpsk-lDHGB4Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/1264f8-9c7d-40cd-9729-7089bc598d83/1/PchZpgQI1cqOkfrSxeBDQtCE6Og.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/1264f8-9c7d-40cd-9729-7089bc598d83/1/RofawIN-0xE3oySWpsk-lDHGB4Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.19.235.0-212.19.236.255 Signature Algorithm: sha256WithRSAEncryption 56:60:6d:c2:d7:85:5b:95:cb:f5:6a:46:b0:e3:52:e8:60:6f: 7e:6f:75:94:e2:9d:09:a4:eb:c6:0d:8d:23:06:c8:6c:bc:67: 2f:f0:72:be:ef:07:ed:74:32:a0:a8:af:96:9d:ca:3c:3d:3f: e3:f1:f0:f3:fd:31:5f:91:5b:90:83:02:c6:36:65:f9:4c:02: c5:cb:67:dd:b9:08:4f:0d:fd:2d:8c:4f:27:d7:e3:8c:86:b8: bc:d5:76:35:b7:7c:d2:9f:8c:20:c6:10:e1:ed:a3:06:6f:b4: 1f:ad:89:e7:07:00:fa:c4:13:8f:64:f1:a0:c8:12:7a:33:91: e8:5a:ce:24:ee:3d:28:e1:c1:f9:6b:a6:44:0b:43:44:ea:cd: c1:32:ab:ff:f9:8d:14:67:ad:08:1f:de:20:ff:7c:ba:db:6b: 1f:c3:e1:7a:02:ab:38:9a:02:15:55:ef:fe:e7:ff:23:31:8e: d1:5e:da:e1:b3:ab:60:0b:6c:23:cc:b6:51:37:73:97:bf:e9: f5:8d:ff:7a:c6:c7:b2:75:f3:bb:2a:6a:b9:13:09:20:e0:e1: 5d:95:48:fa:3f:09:42:18:c0:4a:d6:ab:9a:e5:fa:5f:e5:91: 9c:f8:48:8c:9a:c8:32:9f:83:63:73:ba:c1:53:9e:0d:d3:30: ed:d2:45:c5 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt6WtirZ5Wu20eOCTQIsGPmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ2ODdkYWMwODM3ZWQzMTEzN2EzMjQ5NmE2YzkzZTk0MzFj NjA3ODQwHhcNMjYwMTAxMTYxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZGM4NTlhNjA0MDhkNWNhOGU5MWZhZDJjNWUwNDM0MmQwODRlOGU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3om5el9PO7scf3/Hr/utaL/Hnyz5 itnuL7k+MKVZjJH7sHzfM1VtKTzZDJr+aOyMF6LcRRiIPIXg6x8Sg4FNpcnTri/b Fh1sx8UobX53ZFIxGduSY9/q8SDXIDYNvgtU5xZGUrHxF+j8n9O65bl2O7BtMsZx bJXyHlYDmZfDFOFgq8db7bMYjqDfbdwjIXKNBQFecciwDZijTQtUvTWfQ/a8zpEA PBm0WH3QoUivP6JtjV/Oq0a6Fmi7GWkL9m9gVGhj28UiUSxCWtAKFLeFuq6JEtVV WyRJYaJtVveg/OesDlQbueECZOsbzjxlvDKX62n44dNr7Hs+BaTL1jmi9QIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFD3IWaYECNXKjpH60sXgQ0LQhOjoMB8GA1UdIwQY MBaAFEaH2sCDftMRN6MklqbJPpQxxgeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUm9mYXdJTi0weEUzb3lTV3Bzay1sREhHQjRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8xMjY0ZjgtOWM3ZC00MGNkLTk3Mjkt NzA4OWJjNTk4ZDgzLzEvUGNoWnBnUUkxY3FPa2ZyU3hlQkRRdENFNk9nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS8xMjY0ZjgtOWM3ZC00MGNkLTk3MjktNzA4OWJjNTk4ZDgz LzEvUm9mYXdJTi0weEUzb3lTV3Bzay1sREhHQjRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADUE+sD BADUE+wwDQYJKoZIhvcNAQELBQADggEBAFZgbcLXhVuVy/VqRrDjUuhgb35vdZTi nQmk68YNjSMGyGy8Zy/wcr7vB+10MqCor5adyjw9P+Px8PP9MV+RW5CDAsY2ZflM AsXLZ925CE8N/S2MTyfX44yGuLzVdjW3fNKfjCDGEOHtowZvtB+tiecHAPrEE49k 8aDIEnozkehaziTuPSjhwflrpkQLQ0TqzcEyq//5jRRnrQgf3iD/fLrbax/D4XoC qziaAhVV7/7n/yMxjtFe2uGzq2ALbCPMtlE3c5e/6fWN/3rGx7J187sqarkTCSDg 4V2VSPo/CUIYwErWq5rl+l/lkZz4SIyayDKfg2NzusFTng3TMO3SRcU= -----END CERTIFICATE-----Generated at Fri Jan 2 09:27:14 2026 by rpki-client